Open symmetric keys are bound to the session not to the security context. An open key will continue to be available until it is either explicitly closed or the session is terminated. If you open a symmetric key and then switch context, the key will remain open and be available in the impersonated context. Information about open symmetric keys is visible in the sys.openkeys (Transact-SQL) catalog view.

If the symmetric key was encrypted with another key, that key must be opened first.

If the symmetric key is already open, the query is a NO_OP.

If the password, certificate, or key supplied to decrypt the symmetric key is incorrect, the query will fail.

Symmetric keys created from encryption providers cannot be opened. Encryption and decryption operations using this kind of symmetric key succeed without the OPEN statement because the Encryption Provider is opening and closing the key.

B. Opening a symmetric key by using another symmetric key

USE AdventureWorks;
-- First open the symmetric key that you want for decryption.
OPEN SYMMETRIC KEY HarnpadoungsatayaSE3
DECRYPTION BY CERTIFICATE sariyaCert01;
-- Use the key that is already open to decrypt MarketingKey11.
OPEN SYMMETRIC KEY MarketingKey11
DECRYPTION BY SYMMETRIC KEY HarnpadoungsatayaSE3;
GO